Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

google redirects


  • This topic is locked This topic is locked
27 replies to this topic

#1 mcpenner

mcpenner

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 09 December 2010 - 01:10 PM

I find that whenever I do a google search and click on the search results (right click - new tab) I will get redirected to some random page, often a search page of some kind.

I have done the following scans:
Spybot search and destroy
Malwarebytes
AVG 2011
Ad Aware
spywareblaster

Here is my Hijackthis log file:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:48:56 AM, on 09/12/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\ltmoh\Ltmoh.exe
C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\e-Sword\e-Sword.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Marvin Penner\Local Settings\Application Data\Analog Clock\Analog Clock.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [LtMoh] C:\Program Files\ltmoh\Ltmoh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
O23 - Service: AVG WatchDog (avgwd) - Unknown owner - C:\Program Files\AVG\AVG10\avgwdsvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: Sandboxie Service (SbieSvc) - SANDBOXIE L.T.D - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 7110 bytes

Thanks for any help you can give me.
mcpenner

Oh I guess I should add, I am running windows xp sp3 and this all happens in firefox. I just downloaded to Opera to see if it happens in another browser?

Merged posts and moved to log forum. ~ OB

Edited by Orange Blossom, 19 December 2010 - 12:52 AM.


BC AdBot (Login to Remove)

 


#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 19 December 2010 - 01:22 AM

Hello and Welcome to the forums!

My name is Gringo and I'll be glad to help you with your computer problems.

Somethings to remember while we are working together.

  • Do not run any other tool untill instructed to do so!
  • Please Do not Attach logs or put in code boxes.
  • Tell me about any problems that have occurred during the fix.
  • Tell me of any other symptoms you may be having as these can help also.
  • Do not run anything while running a fix.


We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.


In order for me to see the status of the infection I will need a new set of logs to start with.

Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

DeFogger:

  • Please download DeFogger to your desktop.

    Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger may ask you to reboot the machine, if it does - click OK
Do not re-enable these drivers until otherwise instructed.

Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply





Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".


information and logs:

  • In your next post I need the following

  • .logs from DDS
  • log from RKUnHooker
  • let me know of any problems you may have had

Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 19 December 2010 - 05:36 PM

Hi Gringo, thank you for taking an interest in my computer problems.

I just thought I should add a few more details. It might change your instructions to me?

1) I four computers which are all connected to the same wireless router:
One desk computer that is connected to the net by a cable, and is then connected to a linksys wireless router.
Two laptops are connect to the net through the router. All of these are windows xp.
One netbook that runs puppy linux and google chrome.
All the others are or were using Firefox
2) I think these problems all started after my son started using Frostwire. Frostwire has since been deleted from the computer
3) All the computers are infected, even the linux netbook
4) I can not describe what is happening very well because it is unpredictable. Most often it is from a google search. clicking on a search result will often open random unwanted pages in new tabs. Sometimes it will be just a blank page, or a blocked page, or some other search page, or a new google search page.... it rather unpredictable.
5)I did update all of my virous software, spyware, etc on all of the computers. Then I unplugged the internet and scanned them all. It did help some but the problem still persists.
6) I have tried Opera browser. It is better in Opera then Firefox, but some strange things still happen.

I will follow you instructions in a day or two unless I hear different instructions from you.

mcpenner

#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 19 December 2010 - 07:08 PM

we are going to check the router

Create and Run Batch File
Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:
@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
start Log1.txt
del %0
Save this as router.bat Choose to Save type as - All Files and where to save - Desktop - then close the Notepad file.

It should look like this: Posted Image <--XP
Double-click on router.bat to run it. it will open notepad when done please post back the results
gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#5 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 22 December 2010 - 10:31 AM

Hello

three day bump

It has been Three days since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 22 December 2010 - 03:22 PM

It's Christmas and I've been sick in bed for two days. I will get to this as soon as I can. Can you keep it open for a few days if I can't reply within the five days given the time of year?

mcpenner

#7 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 22 December 2010 - 03:37 PM

Don't worry I am not going to close anything untill after Jan 3 so take as long as you need - you will get these bumps every three days untill then
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#8 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 22 December 2010 - 06:41 PM

OK Gringo, I got my work done today much more quickly then I had anticipated. So I have followed your instructions. I did it on my laptop because this is the computer I use the most. If I need to do it on any of the other computers I can do that too. Here is the file:



Windows IP Configuration



Host Name . . . . . . . . . . . . : toshiba

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Wireless Network Connection 2:



Media State . . . . . . . . . . . : Media disconnected

Description . . . . . . . . . . . : Atheros AR5001X+ Wireless Network Adapter

Physical Address. . . . . . . . . : 00-90-96-72-66-84



Ethernet adapter Wireless Network Connection 4:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : D-Link WUA-2340 USB Adapter

Physical Address. . . . . . . . . : 00-1B-11-1E-BD-D0

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.103

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 213.109.67.26

213.109.77.22

1.1.1.1

Lease Obtained. . . . . . . . . . : December 22, 2010 11:37:23 AM

Lease Expires . . . . . . . . . . : December 23, 2010 11:37:23 AM

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.67.26

Name: google.com
Addresses: 72.14.209.104, 72.14.209.99

DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 213.109.67.26

Name: yahoo.com
Addresses: 98.137.149.56, 67.195.160.76, 69.147.125.65, 72.30.2.43
209.191.122.70



Pinging google.com [72.14.209.104] with 32 bytes of data:



Reply from 72.14.209.104: bytes=32 time=117ms TTL=52

Reply from 72.14.209.104: bytes=32 time=96ms TTL=52



Ping statistics for 72.14.209.104:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 96ms, Maximum = 117ms, Average = 106ms



Pinging yahoo.com [69.147.125.65] with 32 bytes of data:



Reply from 69.147.125.65: bytes=32 time=113ms TTL=53

Reply from 69.147.125.65: bytes=32 time=109ms TTL=53



Ping statistics for 69.147.125.65:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 109ms, Maximum = 113ms, Average = 111ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 90 96 72 66 84 ...... Atheros AR5001X+ Wireless Network Adapter - Packet Scheduler Miniport
0x20004 ...00 1b 11 1e bd d0 ...... D-Link WUA-2340 USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.103 25
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.103 192.168.1.103 25
192.168.1.103 255.255.255.255 127.0.0.1 127.0.0.1 25
192.168.1.255 255.255.255.255 192.168.1.103 192.168.1.103 25
224.0.0.0 240.0.0.0 192.168.1.103 192.168.1.103 25
255.255.255.255 255.255.255.255 192.168.1.103 2 1
255.255.255.255 255.255.255.255 192.168.1.103 192.168.1.103 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 22 December 2010 - 09:26 PM

Hello

Yes it looks like the DNS settings on the router have been changed.

Resetting Router

Let’s try to reset the router to its default configuration.
  • This can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 10 seconds).
  • If you don’t know the router's default password, you can look it up. Here
  • You also need to reconfigure any security settings you had in place prior to the reset.
  • You may also need to consult with your Internet service provider to find out which DNS servers your network should be using or you can use OpenDNS
Note: After resetting your router, it is important to set a non-default password, and if possible, username, on the router. This will assist in eliminating the possibility of the router being hijacked again.

flush the DNS:

Now lets flush the DNS on the computer:

  • click on Start
  • select run
  • enter cmd and hit enter
  • a black window will open.
  • please enter the following text into that window and hit enter:


    ipconfig /flushdns

Now lets check the router again

Create and Run Batch File
Open Notepad and copy/paste the entire contents of the codebox below, into Notepad:
@echo off
>Log1.txt (
ipconfig /all
nslookup google.com
nslookup yahoo.com
ping -n 2 google.com
ping -n 2 yahoo.com
route print
)
start Log1.txt
del %0
Save this as router.bat Choose to Save type as - All Files and where to save - Desktop - then close the Notepad file.

It should look like this: Posted Image <--XP
Double-click on router.bat to run it. it will open notepad when done please post back the results

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 26 December 2010 - 03:57 PM

Hello

three day bump

It has been Three days since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 26 December 2010 - 06:13 PM

OK Gringo, I think I did everything as you instructed. Here is the new file.



Windows IP Configuration



Host Name . . . . . . . . . . . . : HOME

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Unknown

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-DC-EC-DF

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.101

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.254.2

142.166.86.18

142.166.86.19

Lease Obtained. . . . . . . . . . : Sunday, December 26, 2010 2:37:53 PM

Lease Expires . . . . . . . . . . : Monday, December 27, 2010 2:37:53 PM

Server: ns1.xplornet.com
Address: 142.166.86.18

Name: google.com
Addresses: 209.85.225.105, 209.85.225.106, 209.85.225.147, 209.85.225.99
209.85.225.103, 209.85.225.104

Server: ns1.xplornet.com
Address: 142.166.86.18

Name: yahoo.com
Addresses: 98.137.149.56, 209.191.122.70, 67.195.160.76, 69.147.125.65
72.30.2.43



Pinging google.com [209.85.225.147] with 32 bytes of data:



Reply from 209.85.225.147: bytes=32 time=78ms TTL=53

Reply from 209.85.225.147: bytes=32 time=75ms TTL=53



Ping statistics for 209.85.225.147:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 75ms, Maximum = 78ms, Average = 76ms



Pinging yahoo.com [72.30.2.43] with 32 bytes of data:



Reply from 72.30.2.43: bytes=32 time=118ms TTL=50

Reply from 72.30.2.43: bytes=32 time=120ms TTL=50



Ping statistics for 72.30.2.43:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 118ms, Maximum = 120ms, Average = 119ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 dc ec df ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.101 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.101 192.168.1.101 20
192.168.1.101 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.101 192.168.1.101 20
224.0.0.0 240.0.0.0 192.168.1.101 192.168.1.101 20
255.255.255.255 255.255.255.255 192.168.1.101 192.168.1.101 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

#12 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 26 December 2010 - 07:31 PM

That looks good how are are all four computers doing?



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#13 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 26 December 2010 - 10:04 PM

So far today I have only been on the desk computer. It has been good so far.

#14 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:07:32 AM

Posted 26 December 2010 - 10:16 PM

Hello

well lets give it a checkup anyway


Download DDS:

  • Please download DDS by sUBs from one of the links below and save it to your desktop:

    Posted Image
    Download DDS and save it to your desktop

    Link1
    Link2
    Link3

    Please disable any anti-malware program that will block scripts from running before running DDS.

    • Double-Click on dds.scr and a command window will appear. This is normal.
    • Shortly after two logs will appear:
    • DDS.txt
    • Attach.txt
  • A window will open instructing you save & post the logs
  • Save the logs to a convenient place such as your desktop
  • Copy the contents of both logs & post in your next reply




Scan With RKUnHooker

  • Please Download Rootkit Unhooker Save it to your desktop.
  • Now double-click on RKUnhookerLE.exe to run it.
  • Click the Report tab, then click Scan.
  • Check (Tick) Drivers, Stealth,. Uncheck the rest. then Click OK.
  • Wait till the scanner has finished and then click File, Save Report.
  • Save the report somewhere where you can find it. Click Close.
Copy the entire contents of the report and paste it in a reply here.

Note** you may get this warning it is ok, just ignore

"Rootkit Unhooker has detected a parasite inside itself!
It is recommended to remove parasite, okay?"


"just click on Cancel, then Accept".

information and logs:

In your next post I need the following

1.logs from DDS
2.RKUnHooker
3.let me know of any problems you may have had
[/list]
Gringo

I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#15 mcpenner

mcpenner
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 27 December 2010 - 03:46 PM

OK Gringo, Here are the reports:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2009 8:41:29 AM
System Uptime: 12/27/2010 11:14:17 AM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 33.085 GiB free.
D: is CDROM (CDFS)
F: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP631: 9/21/2010 2:44:58 PM - Software Distribution Service 3.0
RP632: 9/22/2010 6:43:01 PM - System Checkpoint
RP633: 9/23/2010 11:24:58 AM - Software Distribution Service 3.0
RP634: 9/24/2010 2:55:41 PM - Software Distribution Service 3.0
RP635: 9/25/2010 3:39:29 PM - Software Distribution Service 3.0
RP636: 9/26/2010 5:20:19 PM - Software Distribution Service 3.0
RP637: 9/27/2010 5:36:22 PM - Software Distribution Service 3.0
RP638: 9/28/2010 6:05:59 PM - Software Distribution Service 3.0
RP639: 9/29/2010 8:14:19 PM - System Checkpoint
RP640: 9/30/2010 6:02:30 AM - Software Distribution Service 3.0
RP641: 9/30/2010 6:13:40 AM - Software Distribution Service 3.0
RP642: 10/1/2010 6:05:31 AM - Software Distribution Service 3.0
RP643: 10/1/2010 6:17:12 AM - Software Distribution Service 3.0
RP644: 10/2/2010 6:54:26 AM - Software Distribution Service 3.0
RP645: 10/3/2010 8:55:38 AM - System Checkpoint
RP646: 10/3/2010 11:17:34 AM - Software Distribution Service 3.0
RP647: 10/3/2010 11:55:57 AM - Configured Stronghold 2 Deluxe
RP648: 10/3/2010 12:04:23 PM - Configured Stronghold 2 Deluxe
RP649: 10/4/2010 12:51:52 PM - System Checkpoint
RP650: 10/4/2010 6:32:37 PM - Software Distribution Service 3.0
RP651: 10/6/2010 5:54:33 AM - Software Distribution Service 3.0
RP652: 10/7/2010 2:05:08 AM - Software Distribution Service 3.0
RP653: 10/8/2010 6:06:54 AM - Software Distribution Service 3.0
RP654: 10/8/2010 6:57:47 AM - Software Distribution Service 3.0
RP655: 10/9/2010 3:11:13 PM - System Checkpoint
RP656: 10/10/2010 7:35:39 AM - Software Distribution Service 3.0
RP657: 10/11/2010 11:08:29 AM - Software Distribution Service 3.0
RP658: 10/12/2010 1:11:07 PM - System Checkpoint
RP659: 10/12/2010 5:33:57 PM - Software Distribution Service 3.0
RP660: 10/13/2010 1:47:25 AM - Software Distribution Service 3.0
RP661: 10/13/2010 6:37:02 AM - Software Distribution Service 3.0
RP662: 10/14/2010 6:26:34 AM - Software Distribution Service 3.0
RP663: 10/14/2010 6:58:11 AM - Software Distribution Service 3.0
RP664: 10/15/2010 6:43:10 AM - Installed iTunes
RP665: 10/15/2010 9:37:43 PM - Software Distribution Service 3.0
RP666: 10/16/2010 1:51:26 AM - Software Distribution Service 3.0
RP667: 10/16/2010 6:58:23 AM - Software Distribution Service 3.0
RP668: 10/17/2010 1:51:42 AM - Software Distribution Service 3.0
RP669: 10/17/2010 6:54:42 AM - Software Distribution Service 3.0
RP670: 10/18/2010 2:28:41 AM - Software Distribution Service 3.0
RP671: 10/18/2010 8:35:46 AM - Software Distribution Service 3.0
RP672: 10/19/2010 2:29:50 AM - Software Distribution Service 3.0
RP673: 10/19/2010 8:34:16 AM - Software Distribution Service 3.0
RP674: 10/20/2010 2:28:45 AM - Software Distribution Service 3.0
RP675: 10/20/2010 8:35:06 AM - Software Distribution Service 3.0
RP676: 10/21/2010 2:13:13 AM - Software Distribution Service 3.0
RP677: 10/22/2010 2:09:55 AM - Software Distribution Service 3.0
RP678: 10/22/2010 10:56:40 AM - Software Distribution Service 3.0
RP679: 10/23/2010 2:10:22 AM - Software Distribution Service 3.0
RP680: 10/23/2010 10:57:52 AM - Software Distribution Service 3.0
RP681: 10/24/2010 2:09:34 AM - Software Distribution Service 3.0
RP682: 10/24/2010 10:58:26 AM - Software Distribution Service 3.0
RP683: 10/25/2010 2:26:34 AM - Software Distribution Service 3.0
RP684: 10/25/2010 4:45:11 PM - Software Distribution Service 3.0
RP685: 10/26/2010 5:39:52 PM - System Checkpoint
RP686: 10/27/2010 2:00:13 AM - Software Distribution Service 3.0
RP687: 10/27/2010 2:52:56 PM - Software Distribution Service 3.0
RP688: 10/28/2010 1:53:28 AM - Software Distribution Service 3.0
RP689: 10/29/2010 2:09:12 AM - System Checkpoint
RP690: 10/29/2010 2:10:35 AM - Software Distribution Service 3.0
RP691: 10/29/2010 3:13:32 PM - Software Distribution Service 3.0
RP692: 10/30/2010 2:11:24 AM - Software Distribution Service 3.0
RP693: 10/30/2010 3:12:52 PM - Software Distribution Service 3.0
RP694: 10/31/2010 3:37:16 PM - System Checkpoint
RP695: 11/1/2010 2:09:35 AM - Software Distribution Service 3.0
RP696: 11/1/2010 7:16:42 AM - Software Distribution Service 3.0
RP697: 11/2/2010 11:39:30 AM - System Checkpoint
RP698: 11/2/2010 11:42:12 AM - Software Distribution Service 3.0
RP699: 11/3/2010 11:49:59 AM - System Checkpoint
RP700: 11/3/2010 2:43:57 PM - Software Distribution Service 3.0
RP701: 11/4/2010 9:02:08 AM - Removed Ask Toolbar.
RP702: 11/4/2010 9:03:13 AM - Removed Bonjour
RP703: 11/4/2010 4:56:47 PM - Software Distribution Service 3.0
RP704: 11/4/2010 7:38:46 PM - Configured Microsoft Office Enterprise 2007
RP705: 11/5/2010 5:37:24 PM - Software Distribution Service 3.0
RP706: 11/6/2010 6:36:35 PM - System Checkpoint
RP707: 11/7/2010 6:37:28 AM - Software Distribution Service 3.0
RP708: 11/8/2010 6:42:21 AM - System Checkpoint
RP709: 11/8/2010 5:54:51 PM - Software Distribution Service 3.0
RP710: 11/9/2010 5:57:57 PM - Software Distribution Service 3.0
RP711: 11/10/2010 6:35:01 PM - Software Distribution Service 3.0
RP712: 11/11/2010 6:11:45 AM - Software Distribution Service 3.0
RP713: 11/12/2010 7:14:28 AM - Software Distribution Service 3.0
RP714: 11/13/2010 10:55:40 AM - System Checkpoint
RP715: 11/13/2010 6:29:41 PM - Software Distribution Service 3.0
RP716: 11/14/2010 6:56:40 PM - System Checkpoint
RP717: 11/15/2010 7:19:19 AM - Software Distribution Service 3.0
RP718: 11/15/2010 5:53:56 PM - Software Distribution Service 3.0
RP719: 11/16/2010 8:22:54 PM - Software Distribution Service 3.0
RP720: 11/17/2010 8:24:15 PM - System Checkpoint
RP721: 11/18/2010 5:52:21 AM - Software Distribution Service 3.0
RP722: 11/18/2010 3:48:06 PM - Configured Microsoft Office Enterprise 2007
RP723: 11/18/2010 3:48:29 PM - Configured Microsoft Office Enterprise 2007
RP724: 11/19/2010 12:22:10 PM - Software Distribution Service 3.0
RP725: 11/20/2010 2:35:43 PM - System Checkpoint
RP726: 11/21/2010 6:51:54 AM - Software Distribution Service 3.0
RP727: 11/22/2010 7:06:00 AM - System Checkpoint
RP728: 11/22/2010 11:25:53 AM - Software Distribution Service 3.0
RP729: 11/23/2010 11:34:12 AM - Software Distribution Service 3.0
RP730: 11/24/2010 2:27:11 AM - Software Distribution Service 3.0
RP731: 11/24/2010 10:55:27 AM - Removed AVG Free 8.5
RP732: 11/24/2010 10:58:17 AM - Installed AVG Free 8.5
RP733: 11/24/2010 11:16:19 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP734: 11/24/2010 11:16:30 AM - Installed AVG 2011
RP735: 11/24/2010 11:21:23 AM - Installed AVG 2011
RP736: 11/25/2010 12:36:42 PM - System Checkpoint
RP737: 11/26/2010 1:03:27 PM - System Checkpoint
RP738: 11/27/2010 6:59:03 PM - System Checkpoint
RP739: 11/28/2010 7:18:01 PM - System Checkpoint
RP740: 11/30/2010 6:35:28 AM - System Checkpoint
RP741: 12/1/2010 9:01:13 AM - System Checkpoint
RP742: 12/2/2010 4:14:31 PM - System Checkpoint
RP743: 12/4/2010 11:02:21 AM - System Checkpoint
RP744: 12/5/2010 12:00:32 PM - System Checkpoint
RP745: 12/6/2010 6:44:58 PM - System Checkpoint
RP746: 12/8/2010 8:56:27 AM - System Checkpoint
RP747: 12/9/2010 6:52:33 AM - Installed Opera 10.63.
RP748: 12/10/2010 6:52:58 AM - System Checkpoint
RP749: 12/11/2010 8:27:14 AM - System Checkpoint
RP750: 12/12/2010 9:22:58 AM - System Checkpoint
RP751: 12/13/2010 7:18:54 PM - System Checkpoint
RP752: 12/14/2010 8:35:14 PM - System Checkpoint
RP753: 12/15/2010 3:00:37 AM - Software Distribution Service 3.0
RP754: 12/16/2010 6:38:07 AM - System Checkpoint
RP755: 12/17/2010 6:39:41 AM - Software Distribution Service 3.0
RP756: 12/17/2010 6:40:54 AM - Removed Opera 10.63.
RP757: 12/17/2010 6:41:39 AM - Installed Opera 11.00.
RP758: 12/18/2010 6:47:22 AM - Software Distribution Service 3.0
RP759: 12/20/2010 11:45:32 AM - System Checkpoint
RP760: 12/22/2010 4:10:04 PM - System Checkpoint

==== Installed Programs ======================

18 Wheels of Steel: Convoy 1.0
Acrobat.com
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Age of Empires III
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Barbie™ Explorer™
Battleship SURFACE THUNDER
BufferChm
ClamWin Free Antivirus 0.95.2
Combat Wings - Battle of Britain (1.0)
Combat Wings (1.0)
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Crazy Taxi
Deer Hunter 5 v1.2
Delta Force Land Warrior
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
EasyCleaner
eSupportQFolder
F300
F300_Help
Fax_CDA
GIMP 2.6.6
Google Earth
Google Update Helper
Helicopter Strike Force
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
Image Resizer Powertoy for Windows XP
InCD
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java™ 6 Update 13
Java™ 6 Update 7
LEGO Digital Designer
LucasArts' The Phantom Menace
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Minnesota Cuke
Mixer
Monster Jam
Mozilla Firefox (3.6.13)
MS Access 97 SP2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Myst for Windows 95
Nancy Drew: Last Train to Blue Moon Canyon
Nancy Drew: Secret of Shadow Ranch
Nancy Drew: Secret of the Old Clock
Nancy Drew: Secrets Can Kill
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Haunting of Castle Malloy
Nancy Drew: Treasure in the Royal Tower
Need For Speed High Stakes
Need for Speed™ Carbon
Nero OEM
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.1
Opera 11.00
Pac-Man World 2
Pajama Sam Life is Rough When You Lose Your Stuff
Picasa 3
PowerDVD
PrintMaster Platinum 17
ProductContextNPI
QuickTime
Readme
Roll
Roller Rush
RollerCoaster Tycoon 2
Scan
ScannerCopy
Secret Agent™ Barbie™
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
SigmaTel Audio
SimCity 3000 Unlimited
SimCoaster
SimSafari
SimTheme Park
SolutionCenter
Sound Blaster Audigy ADVANCED MB Demo
Space Invaders
Spybot - Search & Destroy
SpywareBlaster 4.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars JK II Jedi Outcast
Status
Street Legal Racing Redline
Stronghold 2 Deluxe
Stronghold Crusader
Test Drive Off-Road 3
The Hardy Boys - The Hidden Theft
THE SETTLERS - Rise of an Empire
Time to Ride
Toolbox
TrayApp
Tux Paint 0.9.20b
Tux Paint Stamps 2008.06.30
Unity Web Player (All users)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows XP (KB2467659)
VeggieTalesJonah
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
WD Diagnostics
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World War II - Pacific Heroes (1.0)
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12/26/2010 8:05:14 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/26/2010 2:37:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001320DCECDF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/23/2010 7:01:58 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/23/2010 5:57:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prosync1
12/23/2010 5:56:38 PM, error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: The system cannot find the file specified.
12/23/2010 5:53:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2010 12:02:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2010 6:36:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================



DDS (Ver_10-12-12.02) - NTFSx86
Run by Colleen at 11:30:56.34 on Mon 12/27/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.422 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Colleen\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = res://c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - c:\progra~1\copern~1\COPERN~1.DLL
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6

OK Gringo, Here are the reports:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2009 8:41:29 AM
System Uptime: 12/27/2010 11:14:17 AM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 33.085 GiB free.
D: is CDROM (CDFS)
F: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP631: 9/21/2010 2:44:58 PM - Software Distribution Service 3.0
RP632: 9/22/2010 6:43:01 PM - System Checkpoint
RP633: 9/23/2010 11:24:58 AM - Software Distribution Service 3.0
RP634: 9/24/2010 2:55:41 PM - Software Distribution Service 3.0
RP635: 9/25/2010 3:39:29 PM - Software Distribution Service 3.0
RP636: 9/26/2010 5:20:19 PM - Software Distribution Service 3.0
RP637: 9/27/2010 5:36:22 PM - Software Distribution Service 3.0
RP638: 9/28/2010 6:05:59 PM - Software Distribution Service 3.0
RP639: 9/29/2010 8:14:19 PM - System Checkpoint
RP640: 9/30/2010 6:02:30 AM - Software Distribution Service 3.0
RP641: 9/30/2010 6:13:40 AM - Software Distribution Service 3.0
RP642: 10/1/2010 6:05:31 AM - Software Distribution Service 3.0
RP643: 10/1/2010 6:17:12 AM - Software Distribution Service 3.0
RP644: 10/2/2010 6:54:26 AM - Software Distribution Service 3.0
RP645: 10/3/2010 8:55:38 AM - System Checkpoint
RP646: 10/3/2010 11:17:34 AM - Software Distribution Service 3.0
RP647: 10/3/2010 11:55:57 AM - Configured Stronghold 2 Deluxe
RP648: 10/3/2010 12:04:23 PM - Configured Stronghold 2 Deluxe
RP649: 10/4/2010 12:51:52 PM - System Checkpoint
RP650: 10/4/2010 6:32:37 PM - Software Distribution Service 3.0
RP651: 10/6/2010 5:54:33 AM - Software Distribution Service 3.0
RP652: 10/7/2010 2:05:08 AM - Software Distribution Service 3.0
RP653: 10/8/2010 6:06:54 AM - Software Distribution Service 3.0
RP654: 10/8/2010 6:57:47 AM - Software Distribution Service 3.0
RP655: 10/9/2010 3:11:13 PM - System Checkpoint
RP656: 10/10/2010 7:35:39 AM - Software Distribution Service 3.0
RP657: 10/11/2010 11:08:29 AM - Software Distribution Service 3.0
RP658: 10/12/2010 1:11:07 PM - System Checkpoint
RP659: 10/12/2010 5:33:57 PM - Software Distribution Service 3.0
RP660: 10/13/2010 1:47:25 AM - Software Distribution Service 3.0
RP661: 10/13/2010 6:37:02 AM - Software Distribution Service 3.0
RP662: 10/14/2010 6:26:34 AM - Software Distribution Service 3.0
RP663: 10/14/2010 6:58:11 AM - Software Distribution Service 3.0
RP664: 10/15/2010 6:43:10 AM - Installed iTunes
RP665: 10/15/2010 9:37:43 PM - Software Distribution Service 3.0
RP666: 10/16/2010 1:51:26 AM - Software Distribution Service 3.0
RP667: 10/16/2010 6:58:23 AM - Software Distribution Service 3.0
RP668: 10/17/2010 1:51:42 AM - Software Distribution Service 3.0
RP669: 10/17/2010 6:54:42 AM - Software Distribution Service 3.0
RP670: 10/18/2010 2:28:41 AM - Software Distribution Service 3.0
RP671: 10/18/2010 8:35:46 AM - Software Distribution Service 3.0
RP672: 10/19/2010 2:29:50 AM - Software Distribution Service 3.0
RP673: 10/19/2010 8:34:16 AM - Software Distribution Service 3.0
RP674: 10/20/2010 2:28:45 AM - Software Distribution Service 3.0
RP675: 10/20/2010 8:35:06 AM - Software Distribution Service 3.0
RP676: 10/21/2010 2:13:13 AM - Software Distribution Service 3.0
RP677: 10/22/2010 2:09:55 AM - Software Distribution Service 3.0
RP678: 10/22/2010 10:56:40 AM - Software Distribution Service 3.0
RP679: 10/23/2010 2:10:22 AM - Software Distribution Service 3.0
RP680: 10/23/2010 10:57:52 AM - Software Distribution Service 3.0
RP681: 10/24/2010 2:09:34 AM - Software Distribution Service 3.0
RP682: 10/24/2010 10:58:26 AM - Software Distribution Service 3.0
RP683: 10/25/2010 2:26:34 AM - Software Distribution Service 3.0
RP684: 10/25/2010 4:45:11 PM - Software Distribution Service 3.0
RP685: 10/26/2010 5:39:52 PM - System Checkpoint
RP686: 10/27/2010 2:00:13 AM - Software Distribution Service 3.0
RP687: 10/27/2010 2:52:56 PM - Software Distribution Service 3.0
RP688: 10/28/2010 1:53:28 AM - Software Distribution Service 3.0
RP689: 10/29/2010 2:09:12 AM - System Checkpoint
RP690: 10/29/2010 2:10:35 AM - Software Distribution Service 3.0
RP691: 10/29/2010 3:13:32 PM - Software Distribution Service 3.0
RP692: 10/30/2010 2:11:24 AM - Software Distribution Service 3.0
RP693: 10/30/2010 3:12:52 PM - Software Distribution Service 3.0
RP694: 10/31/2010 3:37:16 PM - System Checkpoint
RP695: 11/1/2010 2:09:35 AM - Software Distribution Service 3.0
RP696: 11/1/2010 7:16:42 AM - Software Distribution Service 3.0
RP697: 11/2/2010 11:39:30 AM - System Checkpoint
RP698: 11/2/2010 11:42:12 AM - Software Distribution Service 3.0
RP699: 11/3/2010 11:49:59 AM - System Checkpoint
RP700: 11/3/2010 2:43:57 PM - Software Distribution Service 3.0
RP701: 11/4/2010 9:02:08 AM - Removed Ask Toolbar.
RP702: 11/4/2010 9:03:13 AM - Removed Bonjour
RP703: 11/4/2010 4:56:47 PM - Software Distribution Service 3.0
RP704: 11/4/2010 7:38:46 PM - Configured Microsoft Office Enterprise 2007
RP705: 11/5/2010 5:37:24 PM - Software Distribution Service 3.0
RP706: 11/6/2010 6:36:35 PM - System Checkpoint
RP707: 11/7/2010 6:37:28 AM - Software Distribution Service 3.0
RP708: 11/8/2010 6:42:21 AM - System Checkpoint
RP709: 11/8/2010 5:54:51 PM - Software Distribution Service 3.0
RP710: 11/9/2010 5:57:57 PM - Software Distribution Service 3.0
RP711: 11/10/2010 6:35:01 PM - Software Distribution Service 3.0
RP712: 11/11/2010 6:11:45 AM - Software Distribution Service 3.0
RP713: 11/12/2010 7:14:28 AM - Software Distribution Service 3.0
RP714: 11/13/2010 10:55:40 AM - System Checkpoint
RP715: 11/13/2010 6:29:41 PM - Software Distribution Service 3.0
RP716: 11/14/2010 6:56:40 PM - System Checkpoint
RP717: 11/15/2010 7:19:19 AM - Software Distribution Service 3.0
RP718: 11/15/2010 5:53:56 PM - Software Distribution Service 3.0
RP719: 11/16/2010 8:22:54 PM - Software Distribution Service 3.0
RP720: 11/17/2010 8:24:15 PM - System Checkpoint
RP721: 11/18/2010 5:52:21 AM - Software Distribution Service 3.0
RP722: 11/18/2010 3:48:06 PM - Configured Microsoft Office Enterprise 2007
RP723: 11/18/2010 3:48:29 PM - Configured Microsoft Office Enterprise 2007
RP724: 11/19/2010 12:22:10 PM - Software Distribution Service 3.0
RP725: 11/20/2010 2:35:43 PM - System Checkpoint
RP726: 11/21/2010 6:51:54 AM - Software Distribution Service 3.0
RP727: 11/22/2010 7:06:00 AM - System Checkpoint
RP728: 11/22/2010 11:25:53 AM - Software Distribution Service 3.0
RP729: 11/23/2010 11:34:12 AM - Software Distribution Service 3.0
RP730: 11/24/2010 2:27:11 AM - Software Distribution Service 3.0
RP731: 11/24/2010 10:55:27 AM - Removed AVG Free 8.5
RP732: 11/24/2010 10:58:17 AM - Installed AVG Free 8.5
RP733: 11/24/2010 11:16:19 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP734: 11/24/2010 11:16:30 AM - Installed AVG 2011
RP735: 11/24/2010 11:21:23 AM - Installed AVG 2011
RP736: 11/25/2010 12:36:42 PM - System Checkpoint
RP737: 11/26/2010 1:03:27 PM - System Checkpoint
RP738: 11/27/2010 6:59:03 PM - System Checkpoint
RP739: 11/28/2010 7:18:01 PM - System Checkpoint
RP740: 11/30/2010 6:35:28 AM - System Checkpoint
RP741: 12/1/2010 9:01:13 AM - System Checkpoint
RP742: 12/2/2010 4:14:31 PM - System Checkpoint
RP743: 12/4/2010 11:02:21 AM - System Checkpoint
RP744: 12/5/2010 12:00:32 PM - System Checkpoint
RP745: 12/6/2010 6:44:58 PM - System Checkpoint
RP746: 12/8/2010 8:56:27 AM - System Checkpoint
RP747: 12/9/2010 6:52:33 AM - Installed Opera 10.63.
RP748: 12/10/2010 6:52:58 AM - System Checkpoint
RP749: 12/11/2010 8:27:14 AM - System Checkpoint
RP750: 12/12/2010 9:22:58 AM - System Checkpoint
RP751: 12/13/2010 7:18:54 PM - System Checkpoint
RP752: 12/14/2010 8:35:14 PM - System Checkpoint
RP753: 12/15/2010 3:00:37 AM - Software Distribution Service 3.0
RP754: 12/16/2010 6:38:07 AM - System Checkpoint
RP755: 12/17/2010 6:39:41 AM - Software Distribution Service 3.0
RP756: 12/17/2010 6:40:54 AM - Removed Opera 10.63.
RP757: 12/17/2010 6:41:39 AM - Installed Opera 11.00.
RP758: 12/18/2010 6:47:22 AM - Software Distribution Service 3.0
RP759: 12/20/2010 11:45:32 AM - System Checkpoint
RP760: 12/22/2010 4:10:04 PM - System Checkpoint

==== Installed Programs ======================

18 Wheels of Steel: Convoy 1.0
Acrobat.com
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Age of Empires III
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Barbie™ Explorer™
Battleship SURFACE THUNDER
BufferChm
ClamWin Free Antivirus 0.95.2
Combat Wings - Battle of Britain (1.0)
Combat Wings (1.0)
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Crazy Taxi
Deer Hunter 5 v1.2
Delta Force Land Warrior
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
EasyCleaner
eSupportQFolder
F300
F300_Help
Fax_CDA
GIMP 2.6.6
Google Earth
Google Update Helper
Helicopter Strike Force
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
Image Resizer Powertoy for Windows XP
InCD
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java™ 6 Update 13
Java™ 6 Update 7
LEGO Digital Designer
LucasArts' The Phantom Menace
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Minnesota Cuke
Mixer
Monster Jam
Mozilla Firefox (3.6.13)
MS Access 97 SP2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Myst for Windows 95
Nancy Drew: Last Train to Blue Moon Canyon
Nancy Drew: Secret of Shadow Ranch
Nancy Drew: Secret of the Old Clock
Nancy Drew: Secrets Can Kill
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Haunting of Castle Malloy
Nancy Drew: Treasure in the Royal Tower
Need For Speed High Stakes
Need for Speed™ Carbon
Nero OEM
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.1
Opera 11.00
Pac-Man World 2
Pajama Sam Life is Rough When You Lose Your Stuff
Picasa 3
PowerDVD
PrintMaster Platinum 17
ProductContextNPI
QuickTime
Readme
Roll
Roller Rush
RollerCoaster Tycoon 2
Scan
ScannerCopy
Secret Agent™ Barbie™
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
SigmaTel Audio
SimCity 3000 Unlimited
SimCoaster
SimSafari
SimTheme Park
SolutionCenter
Sound Blaster Audigy ADVANCED MB Demo
Space Invaders
Spybot - Search & Destroy
SpywareBlaster 4.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars JK II Jedi Outcast
Status
Street Legal Racing Redline
Stronghold 2 Deluxe
Stronghold Crusader
Test Drive Off-Road 3
The Hardy Boys - The Hidden Theft
THE SETTLERS - Rise of an Empire
Time to Ride
Toolbox
TrayApp
Tux Paint 0.9.20b
Tux Paint Stamps 2008.06.30
Unity Web Player (All users)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows XP (KB2467659)
VeggieTalesJonah
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
WD Diagnostics
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World War II - Pacific Heroes (1.0)
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12/26/2010 8:05:14 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/26/2010 2:37:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001320DCECDF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/23/2010 7:01:58 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/23/2010 5:57:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prosync1
12/23/2010 5:56:38 PM, error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: The system cannot find the file specified.
12/23/2010 5:53:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2010 12:02:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2010 6:36:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================



DDS (Ver_10-12-12.02) - NTFSx86
Run by Colleen at 11:30:56.34 on Mon 12/27/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.422 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Colleen\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = res://c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - c:\progra~1\copern~1\COPERN~1.DLL
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6

OK Gringo, Here are the reports:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2009 8:41:29 AM
System Uptime: 12/27/2010 11:14:17 AM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 33.085 GiB free.
D: is CDROM (CDFS)
F: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP631: 9/21/2010 2:44:58 PM - Software Distribution Service 3.0
RP632: 9/22/2010 6:43:01 PM - System Checkpoint
RP633: 9/23/2010 11:24:58 AM - Software Distribution Service 3.0
RP634: 9/24/2010 2:55:41 PM - Software Distribution Service 3.0
RP635: 9/25/2010 3:39:29 PM - Software Distribution Service 3.0
RP636: 9/26/2010 5:20:19 PM - Software Distribution Service 3.0
RP637: 9/27/2010 5:36:22 PM - Software Distribution Service 3.0
RP638: 9/28/2010 6:05:59 PM - Software Distribution Service 3.0
RP639: 9/29/2010 8:14:19 PM - System Checkpoint
RP640: 9/30/2010 6:02:30 AM - Software Distribution Service 3.0
RP641: 9/30/2010 6:13:40 AM - Software Distribution Service 3.0
RP642: 10/1/2010 6:05:31 AM - Software Distribution Service 3.0
RP643: 10/1/2010 6:17:12 AM - Software Distribution Service 3.0
RP644: 10/2/2010 6:54:26 AM - Software Distribution Service 3.0
RP645: 10/3/2010 8:55:38 AM - System Checkpoint
RP646: 10/3/2010 11:17:34 AM - Software Distribution Service 3.0
RP647: 10/3/2010 11:55:57 AM - Configured Stronghold 2 Deluxe
RP648: 10/3/2010 12:04:23 PM - Configured Stronghold 2 Deluxe
RP649: 10/4/2010 12:51:52 PM - System Checkpoint
RP650: 10/4/2010 6:32:37 PM - Software Distribution Service 3.0
RP651: 10/6/2010 5:54:33 AM - Software Distribution Service 3.0
RP652: 10/7/2010 2:05:08 AM - Software Distribution Service 3.0
RP653: 10/8/2010 6:06:54 AM - Software Distribution Service 3.0
RP654: 10/8/2010 6:57:47 AM - Software Distribution Service 3.0
RP655: 10/9/2010 3:11:13 PM - System Checkpoint
RP656: 10/10/2010 7:35:39 AM - Software Distribution Service 3.0
RP657: 10/11/2010 11:08:29 AM - Software Distribution Service 3.0
RP658: 10/12/2010 1:11:07 PM - System Checkpoint
RP659: 10/12/2010 5:33:57 PM - Software Distribution Service 3.0
RP660: 10/13/2010 1:47:25 AM - Software Distribution Service 3.0
RP661: 10/13/2010 6:37:02 AM - Software Distribution Service 3.0
RP662: 10/14/2010 6:26:34 AM - Software Distribution Service 3.0
RP663: 10/14/2010 6:58:11 AM - Software Distribution Service 3.0
RP664: 10/15/2010 6:43:10 AM - Installed iTunes
RP665: 10/15/2010 9:37:43 PM - Software Distribution Service 3.0
RP666: 10/16/2010 1:51:26 AM - Software Distribution Service 3.0
RP667: 10/16/2010 6:58:23 AM - Software Distribution Service 3.0
RP668: 10/17/2010 1:51:42 AM - Software Distribution Service 3.0
RP669: 10/17/2010 6:54:42 AM - Software Distribution Service 3.0
RP670: 10/18/2010 2:28:41 AM - Software Distribution Service 3.0
RP671: 10/18/2010 8:35:46 AM - Software Distribution Service 3.0
RP672: 10/19/2010 2:29:50 AM - Software Distribution Service 3.0
RP673: 10/19/2010 8:34:16 AM - Software Distribution Service 3.0
RP674: 10/20/2010 2:28:45 AM - Software Distribution Service 3.0
RP675: 10/20/2010 8:35:06 AM - Software Distribution Service 3.0
RP676: 10/21/2010 2:13:13 AM - Software Distribution Service 3.0
RP677: 10/22/2010 2:09:55 AM - Software Distribution Service 3.0
RP678: 10/22/2010 10:56:40 AM - Software Distribution Service 3.0
RP679: 10/23/2010 2:10:22 AM - Software Distribution Service 3.0
RP680: 10/23/2010 10:57:52 AM - Software Distribution Service 3.0
RP681: 10/24/2010 2:09:34 AM - Software Distribution Service 3.0
RP682: 10/24/2010 10:58:26 AM - Software Distribution Service 3.0
RP683: 10/25/2010 2:26:34 AM - Software Distribution Service 3.0
RP684: 10/25/2010 4:45:11 PM - Software Distribution Service 3.0
RP685: 10/26/2010 5:39:52 PM - System Checkpoint
RP686: 10/27/2010 2:00:13 AM - Software Distribution Service 3.0
RP687: 10/27/2010 2:52:56 PM - Software Distribution Service 3.0
RP688: 10/28/2010 1:53:28 AM - Software Distribution Service 3.0
RP689: 10/29/2010 2:09:12 AM - System Checkpoint
RP690: 10/29/2010 2:10:35 AM - Software Distribution Service 3.0
RP691: 10/29/2010 3:13:32 PM - Software Distribution Service 3.0
RP692: 10/30/2010 2:11:24 AM - Software Distribution Service 3.0
RP693: 10/30/2010 3:12:52 PM - Software Distribution Service 3.0
RP694: 10/31/2010 3:37:16 PM - System Checkpoint
RP695: 11/1/2010 2:09:35 AM - Software Distribution Service 3.0
RP696: 11/1/2010 7:16:42 AM - Software Distribution Service 3.0
RP697: 11/2/2010 11:39:30 AM - System Checkpoint
RP698: 11/2/2010 11:42:12 AM - Software Distribution Service 3.0
RP699: 11/3/2010 11:49:59 AM - System Checkpoint
RP700: 11/3/2010 2:43:57 PM - Software Distribution Service 3.0
RP701: 11/4/2010 9:02:08 AM - Removed Ask Toolbar.
RP702: 11/4/2010 9:03:13 AM - Removed Bonjour
RP703: 11/4/2010 4:56:47 PM - Software Distribution Service 3.0
RP704: 11/4/2010 7:38:46 PM - Configured Microsoft Office Enterprise 2007
RP705: 11/5/2010 5:37:24 PM - Software Distribution Service 3.0
RP706: 11/6/2010 6:36:35 PM - System Checkpoint
RP707: 11/7/2010 6:37:28 AM - Software Distribution Service 3.0
RP708: 11/8/2010 6:42:21 AM - System Checkpoint
RP709: 11/8/2010 5:54:51 PM - Software Distribution Service 3.0
RP710: 11/9/2010 5:57:57 PM - Software Distribution Service 3.0
RP711: 11/10/2010 6:35:01 PM - Software Distribution Service 3.0
RP712: 11/11/2010 6:11:45 AM - Software Distribution Service 3.0
RP713: 11/12/2010 7:14:28 AM - Software Distribution Service 3.0
RP714: 11/13/2010 10:55:40 AM - System Checkpoint
RP715: 11/13/2010 6:29:41 PM - Software Distribution Service 3.0
RP716: 11/14/2010 6:56:40 PM - System Checkpoint
RP717: 11/15/2010 7:19:19 AM - Software Distribution Service 3.0
RP718: 11/15/2010 5:53:56 PM - Software Distribution Service 3.0
RP719: 11/16/2010 8:22:54 PM - Software Distribution Service 3.0
RP720: 11/17/2010 8:24:15 PM - System Checkpoint
RP721: 11/18/2010 5:52:21 AM - Software Distribution Service 3.0
RP722: 11/18/2010 3:48:06 PM - Configured Microsoft Office Enterprise 2007
RP723: 11/18/2010 3:48:29 PM - Configured Microsoft Office Enterprise 2007
RP724: 11/19/2010 12:22:10 PM - Software Distribution Service 3.0
RP725: 11/20/2010 2:35:43 PM - System Checkpoint
RP726: 11/21/2010 6:51:54 AM - Software Distribution Service 3.0
RP727: 11/22/2010 7:06:00 AM - System Checkpoint
RP728: 11/22/2010 11:25:53 AM - Software Distribution Service 3.0
RP729: 11/23/2010 11:34:12 AM - Software Distribution Service 3.0
RP730: 11/24/2010 2:27:11 AM - Software Distribution Service 3.0
RP731: 11/24/2010 10:55:27 AM - Removed AVG Free 8.5
RP732: 11/24/2010 10:58:17 AM - Installed AVG Free 8.5
RP733: 11/24/2010 11:16:19 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP734: 11/24/2010 11:16:30 AM - Installed AVG 2011
RP735: 11/24/2010 11:21:23 AM - Installed AVG 2011
RP736: 11/25/2010 12:36:42 PM - System Checkpoint
RP737: 11/26/2010 1:03:27 PM - System Checkpoint
RP738: 11/27/2010 6:59:03 PM - System Checkpoint
RP739: 11/28/2010 7:18:01 PM - System Checkpoint
RP740: 11/30/2010 6:35:28 AM - System Checkpoint
RP741: 12/1/2010 9:01:13 AM - System Checkpoint
RP742: 12/2/2010 4:14:31 PM - System Checkpoint
RP743: 12/4/2010 11:02:21 AM - System Checkpoint
RP744: 12/5/2010 12:00:32 PM - System Checkpoint
RP745: 12/6/2010 6:44:58 PM - System Checkpoint
RP746: 12/8/2010 8:56:27 AM - System Checkpoint
RP747: 12/9/2010 6:52:33 AM - Installed Opera 10.63.
RP748: 12/10/2010 6:52:58 AM - System Checkpoint
RP749: 12/11/2010 8:27:14 AM - System Checkpoint
RP750: 12/12/2010 9:22:58 AM - System Checkpoint
RP751: 12/13/2010 7:18:54 PM - System Checkpoint
RP752: 12/14/2010 8:35:14 PM - System Checkpoint
RP753: 12/15/2010 3:00:37 AM - Software Distribution Service 3.0
RP754: 12/16/2010 6:38:07 AM - System Checkpoint
RP755: 12/17/2010 6:39:41 AM - Software Distribution Service 3.0
RP756: 12/17/2010 6:40:54 AM - Removed Opera 10.63.
RP757: 12/17/2010 6:41:39 AM - Installed Opera 11.00.
RP758: 12/18/2010 6:47:22 AM - Software Distribution Service 3.0
RP759: 12/20/2010 11:45:32 AM - System Checkpoint
RP760: 12/22/2010 4:10:04 PM - System Checkpoint

==== Installed Programs ======================

18 Wheels of Steel: Convoy 1.0
Acrobat.com
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Age of Empires III
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Barbie™ Explorer™
Battleship SURFACE THUNDER
BufferChm
ClamWin Free Antivirus 0.95.2
Combat Wings - Battle of Britain (1.0)
Combat Wings (1.0)
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Crazy Taxi
Deer Hunter 5 v1.2
Delta Force Land Warrior
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
EasyCleaner
eSupportQFolder
F300
F300_Help
Fax_CDA
GIMP 2.6.6
Google Earth
Google Update Helper
Helicopter Strike Force
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
Image Resizer Powertoy for Windows XP
InCD
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java™ 6 Update 13
Java™ 6 Update 7
LEGO Digital Designer
LucasArts' The Phantom Menace
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Minnesota Cuke
Mixer
Monster Jam
Mozilla Firefox (3.6.13)
MS Access 97 SP2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Myst for Windows 95
Nancy Drew: Last Train to Blue Moon Canyon
Nancy Drew: Secret of Shadow Ranch
Nancy Drew: Secret of the Old Clock
Nancy Drew: Secrets Can Kill
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Haunting of Castle Malloy
Nancy Drew: Treasure in the Royal Tower
Need For Speed High Stakes
Need for Speed™ Carbon
Nero OEM
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.1
Opera 11.00
Pac-Man World 2
Pajama Sam Life is Rough When You Lose Your Stuff
Picasa 3
PowerDVD
PrintMaster Platinum 17
ProductContextNPI
QuickTime
Readme
Roll
Roller Rush
RollerCoaster Tycoon 2
Scan
ScannerCopy
Secret Agent™ Barbie™
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
SigmaTel Audio
SimCity 3000 Unlimited
SimCoaster
SimSafari
SimTheme Park
SolutionCenter
Sound Blaster Audigy ADVANCED MB Demo
Space Invaders
Spybot - Search & Destroy
SpywareBlaster 4.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars JK II Jedi Outcast
Status
Street Legal Racing Redline
Stronghold 2 Deluxe
Stronghold Crusader
Test Drive Off-Road 3
The Hardy Boys - The Hidden Theft
THE SETTLERS - Rise of an Empire
Time to Ride
Toolbox
TrayApp
Tux Paint 0.9.20b
Tux Paint Stamps 2008.06.30
Unity Web Player (All users)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows XP (KB2467659)
VeggieTalesJonah
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
WD Diagnostics
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World War II - Pacific Heroes (1.0)
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12/26/2010 8:05:14 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/26/2010 2:37:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001320DCECDF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/23/2010 7:01:58 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/23/2010 5:57:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prosync1
12/23/2010 5:56:38 PM, error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: The system cannot find the file specified.
12/23/2010 5:53:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2010 12:02:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2010 6:36:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================



DDS (Ver_10-12-12.02) - NTFSx86
Run by Colleen at 11:30:56.34 on Mon 12/27/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.422 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Colleen\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = res://c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - c:\progra~1\copern~1\COPERN~1.DLL
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6

OK Gringo, Here are the reports:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2009 8:41:29 AM
System Uptime: 12/27/2010 11:14:17 AM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 33.085 GiB free.
D: is CDROM (CDFS)
F: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP631: 9/21/2010 2:44:58 PM - Software Distribution Service 3.0
RP632: 9/22/2010 6:43:01 PM - System Checkpoint
RP633: 9/23/2010 11:24:58 AM - Software Distribution Service 3.0
RP634: 9/24/2010 2:55:41 PM - Software Distribution Service 3.0
RP635: 9/25/2010 3:39:29 PM - Software Distribution Service 3.0
RP636: 9/26/2010 5:20:19 PM - Software Distribution Service 3.0
RP637: 9/27/2010 5:36:22 PM - Software Distribution Service 3.0
RP638: 9/28/2010 6:05:59 PM - Software Distribution Service 3.0
RP639: 9/29/2010 8:14:19 PM - System Checkpoint
RP640: 9/30/2010 6:02:30 AM - Software Distribution Service 3.0
RP641: 9/30/2010 6:13:40 AM - Software Distribution Service 3.0
RP642: 10/1/2010 6:05:31 AM - Software Distribution Service 3.0
RP643: 10/1/2010 6:17:12 AM - Software Distribution Service 3.0
RP644: 10/2/2010 6:54:26 AM - Software Distribution Service 3.0
RP645: 10/3/2010 8:55:38 AM - System Checkpoint
RP646: 10/3/2010 11:17:34 AM - Software Distribution Service 3.0
RP647: 10/3/2010 11:55:57 AM - Configured Stronghold 2 Deluxe
RP648: 10/3/2010 12:04:23 PM - Configured Stronghold 2 Deluxe
RP649: 10/4/2010 12:51:52 PM - System Checkpoint
RP650: 10/4/2010 6:32:37 PM - Software Distribution Service 3.0
RP651: 10/6/2010 5:54:33 AM - Software Distribution Service 3.0
RP652: 10/7/2010 2:05:08 AM - Software Distribution Service 3.0
RP653: 10/8/2010 6:06:54 AM - Software Distribution Service 3.0
RP654: 10/8/2010 6:57:47 AM - Software Distribution Service 3.0
RP655: 10/9/2010 3:11:13 PM - System Checkpoint
RP656: 10/10/2010 7:35:39 AM - Software Distribution Service 3.0
RP657: 10/11/2010 11:08:29 AM - Software Distribution Service 3.0
RP658: 10/12/2010 1:11:07 PM - System Checkpoint
RP659: 10/12/2010 5:33:57 PM - Software Distribution Service 3.0
RP660: 10/13/2010 1:47:25 AM - Software Distribution Service 3.0
RP661: 10/13/2010 6:37:02 AM - Software Distribution Service 3.0
RP662: 10/14/2010 6:26:34 AM - Software Distribution Service 3.0
RP663: 10/14/2010 6:58:11 AM - Software Distribution Service 3.0
RP664: 10/15/2010 6:43:10 AM - Installed iTunes
RP665: 10/15/2010 9:37:43 PM - Software Distribution Service 3.0
RP666: 10/16/2010 1:51:26 AM - Software Distribution Service 3.0
RP667: 10/16/2010 6:58:23 AM - Software Distribution Service 3.0
RP668: 10/17/2010 1:51:42 AM - Software Distribution Service 3.0
RP669: 10/17/2010 6:54:42 AM - Software Distribution Service 3.0
RP670: 10/18/2010 2:28:41 AM - Software Distribution Service 3.0
RP671: 10/18/2010 8:35:46 AM - Software Distribution Service 3.0
RP672: 10/19/2010 2:29:50 AM - Software Distribution Service 3.0
RP673: 10/19/2010 8:34:16 AM - Software Distribution Service 3.0
RP674: 10/20/2010 2:28:45 AM - Software Distribution Service 3.0
RP675: 10/20/2010 8:35:06 AM - Software Distribution Service 3.0
RP676: 10/21/2010 2:13:13 AM - Software Distribution Service 3.0
RP677: 10/22/2010 2:09:55 AM - Software Distribution Service 3.0
RP678: 10/22/2010 10:56:40 AM - Software Distribution Service 3.0
RP679: 10/23/2010 2:10:22 AM - Software Distribution Service 3.0
RP680: 10/23/2010 10:57:52 AM - Software Distribution Service 3.0
RP681: 10/24/2010 2:09:34 AM - Software Distribution Service 3.0
RP682: 10/24/2010 10:58:26 AM - Software Distribution Service 3.0
RP683: 10/25/2010 2:26:34 AM - Software Distribution Service 3.0
RP684: 10/25/2010 4:45:11 PM - Software Distribution Service 3.0
RP685: 10/26/2010 5:39:52 PM - System Checkpoint
RP686: 10/27/2010 2:00:13 AM - Software Distribution Service 3.0
RP687: 10/27/2010 2:52:56 PM - Software Distribution Service 3.0
RP688: 10/28/2010 1:53:28 AM - Software Distribution Service 3.0
RP689: 10/29/2010 2:09:12 AM - System Checkpoint
RP690: 10/29/2010 2:10:35 AM - Software Distribution Service 3.0
RP691: 10/29/2010 3:13:32 PM - Software Distribution Service 3.0
RP692: 10/30/2010 2:11:24 AM - Software Distribution Service 3.0
RP693: 10/30/2010 3:12:52 PM - Software Distribution Service 3.0
RP694: 10/31/2010 3:37:16 PM - System Checkpoint
RP695: 11/1/2010 2:09:35 AM - Software Distribution Service 3.0
RP696: 11/1/2010 7:16:42 AM - Software Distribution Service 3.0
RP697: 11/2/2010 11:39:30 AM - System Checkpoint
RP698: 11/2/2010 11:42:12 AM - Software Distribution Service 3.0
RP699: 11/3/2010 11:49:59 AM - System Checkpoint
RP700: 11/3/2010 2:43:57 PM - Software Distribution Service 3.0
RP701: 11/4/2010 9:02:08 AM - Removed Ask Toolbar.
RP702: 11/4/2010 9:03:13 AM - Removed Bonjour
RP703: 11/4/2010 4:56:47 PM - Software Distribution Service 3.0
RP704: 11/4/2010 7:38:46 PM - Configured Microsoft Office Enterprise 2007
RP705: 11/5/2010 5:37:24 PM - Software Distribution Service 3.0
RP706: 11/6/2010 6:36:35 PM - System Checkpoint
RP707: 11/7/2010 6:37:28 AM - Software Distribution Service 3.0
RP708: 11/8/2010 6:42:21 AM - System Checkpoint
RP709: 11/8/2010 5:54:51 PM - Software Distribution Service 3.0
RP710: 11/9/2010 5:57:57 PM - Software Distribution Service 3.0
RP711: 11/10/2010 6:35:01 PM - Software Distribution Service 3.0
RP712: 11/11/2010 6:11:45 AM - Software Distribution Service 3.0
RP713: 11/12/2010 7:14:28 AM - Software Distribution Service 3.0
RP714: 11/13/2010 10:55:40 AM - System Checkpoint
RP715: 11/13/2010 6:29:41 PM - Software Distribution Service 3.0
RP716: 11/14/2010 6:56:40 PM - System Checkpoint
RP717: 11/15/2010 7:19:19 AM - Software Distribution Service 3.0
RP718: 11/15/2010 5:53:56 PM - Software Distribution Service 3.0
RP719: 11/16/2010 8:22:54 PM - Software Distribution Service 3.0
RP720: 11/17/2010 8:24:15 PM - System Checkpoint
RP721: 11/18/2010 5:52:21 AM - Software Distribution Service 3.0
RP722: 11/18/2010 3:48:06 PM - Configured Microsoft Office Enterprise 2007
RP723: 11/18/2010 3:48:29 PM - Configured Microsoft Office Enterprise 2007
RP724: 11/19/2010 12:22:10 PM - Software Distribution Service 3.0
RP725: 11/20/2010 2:35:43 PM - System Checkpoint
RP726: 11/21/2010 6:51:54 AM - Software Distribution Service 3.0
RP727: 11/22/2010 7:06:00 AM - System Checkpoint
RP728: 11/22/2010 11:25:53 AM - Software Distribution Service 3.0
RP729: 11/23/2010 11:34:12 AM - Software Distribution Service 3.0
RP730: 11/24/2010 2:27:11 AM - Software Distribution Service 3.0
RP731: 11/24/2010 10:55:27 AM - Removed AVG Free 8.5
RP732: 11/24/2010 10:58:17 AM - Installed AVG Free 8.5
RP733: 11/24/2010 11:16:19 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP734: 11/24/2010 11:16:30 AM - Installed AVG 2011
RP735: 11/24/2010 11:21:23 AM - Installed AVG 2011
RP736: 11/25/2010 12:36:42 PM - System Checkpoint
RP737: 11/26/2010 1:03:27 PM - System Checkpoint
RP738: 11/27/2010 6:59:03 PM - System Checkpoint
RP739: 11/28/2010 7:18:01 PM - System Checkpoint
RP740: 11/30/2010 6:35:28 AM - System Checkpoint
RP741: 12/1/2010 9:01:13 AM - System Checkpoint
RP742: 12/2/2010 4:14:31 PM - System Checkpoint
RP743: 12/4/2010 11:02:21 AM - System Checkpoint
RP744: 12/5/2010 12:00:32 PM - System Checkpoint
RP745: 12/6/2010 6:44:58 PM - System Checkpoint
RP746: 12/8/2010 8:56:27 AM - System Checkpoint
RP747: 12/9/2010 6:52:33 AM - Installed Opera 10.63.
RP748: 12/10/2010 6:52:58 AM - System Checkpoint
RP749: 12/11/2010 8:27:14 AM - System Checkpoint
RP750: 12/12/2010 9:22:58 AM - System Checkpoint
RP751: 12/13/2010 7:18:54 PM - System Checkpoint
RP752: 12/14/2010 8:35:14 PM - System Checkpoint
RP753: 12/15/2010 3:00:37 AM - Software Distribution Service 3.0
RP754: 12/16/2010 6:38:07 AM - System Checkpoint
RP755: 12/17/2010 6:39:41 AM - Software Distribution Service 3.0
RP756: 12/17/2010 6:40:54 AM - Removed Opera 10.63.
RP757: 12/17/2010 6:41:39 AM - Installed Opera 11.00.
RP758: 12/18/2010 6:47:22 AM - Software Distribution Service 3.0
RP759: 12/20/2010 11:45:32 AM - System Checkpoint
RP760: 12/22/2010 4:10:04 PM - System Checkpoint

==== Installed Programs ======================

18 Wheels of Steel: Convoy 1.0
Acrobat.com
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Age of Empires III
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Barbie™ Explorer™
Battleship SURFACE THUNDER
BufferChm
ClamWin Free Antivirus 0.95.2
Combat Wings - Battle of Britain (1.0)
Combat Wings (1.0)
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Crazy Taxi
Deer Hunter 5 v1.2
Delta Force Land Warrior
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
EasyCleaner
eSupportQFolder
F300
F300_Help
Fax_CDA
GIMP 2.6.6
Google Earth
Google Update Helper
Helicopter Strike Force
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
Image Resizer Powertoy for Windows XP
InCD
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java™ 6 Update 13
Java™ 6 Update 7
LEGO Digital Designer
LucasArts' The Phantom Menace
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Minnesota Cuke
Mixer
Monster Jam
Mozilla Firefox (3.6.13)
MS Access 97 SP2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Myst for Windows 95
Nancy Drew: Last Train to Blue Moon Canyon
Nancy Drew: Secret of Shadow Ranch
Nancy Drew: Secret of the Old Clock
Nancy Drew: Secrets Can Kill
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Haunting of Castle Malloy
Nancy Drew: Treasure in the Royal Tower
Need For Speed High Stakes
Need for Speed™ Carbon
Nero OEM
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.1
Opera 11.00
Pac-Man World 2
Pajama Sam Life is Rough When You Lose Your Stuff
Picasa 3
PowerDVD
PrintMaster Platinum 17
ProductContextNPI
QuickTime
Readme
Roll
Roller Rush
RollerCoaster Tycoon 2
Scan
ScannerCopy
Secret Agent™ Barbie™
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
SigmaTel Audio
SimCity 3000 Unlimited
SimCoaster
SimSafari
SimTheme Park
SolutionCenter
Sound Blaster Audigy ADVANCED MB Demo
Space Invaders
Spybot - Search & Destroy
SpywareBlaster 4.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars JK II Jedi Outcast
Status
Street Legal Racing Redline
Stronghold 2 Deluxe
Stronghold Crusader
Test Drive Off-Road 3
The Hardy Boys - The Hidden Theft
THE SETTLERS - Rise of an Empire
Time to Ride
Toolbox
TrayApp
Tux Paint 0.9.20b
Tux Paint Stamps 2008.06.30
Unity Web Player (All users)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows XP (KB2467659)
VeggieTalesJonah
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
WD Diagnostics
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World War II - Pacific Heroes (1.0)
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12/26/2010 8:05:14 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/26/2010 2:37:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001320DCECDF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/23/2010 7:01:58 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/23/2010 5:57:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prosync1
12/23/2010 5:56:38 PM, error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: The system cannot find the file specified.
12/23/2010 5:53:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2010 12:02:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2010 6:36:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================



DDS (Ver_10-12-12.02) - NTFSx86
Run by Colleen at 11:30:56.34 on Mon 12/27/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.422 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Colleen\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = res://c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - c:\progra~1\copern~1\COPERN~1.DLL
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6

OK Gringo, Here are the reports:


UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_10-12-12.02)

Microsoft Windows XP Home Edition
Boot Device: \Device\HarddiskVolume1
Install Date: 1/1/2009 8:41:29 AM
System Uptime: 12/27/2010 11:14:17 AM (0 hours ago)

Motherboard: Dell Inc. | | 0JC474
Processor: Intel® Pentium® 4 CPU 2.80GHz | Microprocessor | 2793/800mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 149 GiB total, 33.085 GiB free.
D: is CDROM (CDFS)
F: is CDROM (UDF)

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP631: 9/21/2010 2:44:58 PM - Software Distribution Service 3.0
RP632: 9/22/2010 6:43:01 PM - System Checkpoint
RP633: 9/23/2010 11:24:58 AM - Software Distribution Service 3.0
RP634: 9/24/2010 2:55:41 PM - Software Distribution Service 3.0
RP635: 9/25/2010 3:39:29 PM - Software Distribution Service 3.0
RP636: 9/26/2010 5:20:19 PM - Software Distribution Service 3.0
RP637: 9/27/2010 5:36:22 PM - Software Distribution Service 3.0
RP638: 9/28/2010 6:05:59 PM - Software Distribution Service 3.0
RP639: 9/29/2010 8:14:19 PM - System Checkpoint
RP640: 9/30/2010 6:02:30 AM - Software Distribution Service 3.0
RP641: 9/30/2010 6:13:40 AM - Software Distribution Service 3.0
RP642: 10/1/2010 6:05:31 AM - Software Distribution Service 3.0
RP643: 10/1/2010 6:17:12 AM - Software Distribution Service 3.0
RP644: 10/2/2010 6:54:26 AM - Software Distribution Service 3.0
RP645: 10/3/2010 8:55:38 AM - System Checkpoint
RP646: 10/3/2010 11:17:34 AM - Software Distribution Service 3.0
RP647: 10/3/2010 11:55:57 AM - Configured Stronghold 2 Deluxe
RP648: 10/3/2010 12:04:23 PM - Configured Stronghold 2 Deluxe
RP649: 10/4/2010 12:51:52 PM - System Checkpoint
RP650: 10/4/2010 6:32:37 PM - Software Distribution Service 3.0
RP651: 10/6/2010 5:54:33 AM - Software Distribution Service 3.0
RP652: 10/7/2010 2:05:08 AM - Software Distribution Service 3.0
RP653: 10/8/2010 6:06:54 AM - Software Distribution Service 3.0
RP654: 10/8/2010 6:57:47 AM - Software Distribution Service 3.0
RP655: 10/9/2010 3:11:13 PM - System Checkpoint
RP656: 10/10/2010 7:35:39 AM - Software Distribution Service 3.0
RP657: 10/11/2010 11:08:29 AM - Software Distribution Service 3.0
RP658: 10/12/2010 1:11:07 PM - System Checkpoint
RP659: 10/12/2010 5:33:57 PM - Software Distribution Service 3.0
RP660: 10/13/2010 1:47:25 AM - Software Distribution Service 3.0
RP661: 10/13/2010 6:37:02 AM - Software Distribution Service 3.0
RP662: 10/14/2010 6:26:34 AM - Software Distribution Service 3.0
RP663: 10/14/2010 6:58:11 AM - Software Distribution Service 3.0
RP664: 10/15/2010 6:43:10 AM - Installed iTunes
RP665: 10/15/2010 9:37:43 PM - Software Distribution Service 3.0
RP666: 10/16/2010 1:51:26 AM - Software Distribution Service 3.0
RP667: 10/16/2010 6:58:23 AM - Software Distribution Service 3.0
RP668: 10/17/2010 1:51:42 AM - Software Distribution Service 3.0
RP669: 10/17/2010 6:54:42 AM - Software Distribution Service 3.0
RP670: 10/18/2010 2:28:41 AM - Software Distribution Service 3.0
RP671: 10/18/2010 8:35:46 AM - Software Distribution Service 3.0
RP672: 10/19/2010 2:29:50 AM - Software Distribution Service 3.0
RP673: 10/19/2010 8:34:16 AM - Software Distribution Service 3.0
RP674: 10/20/2010 2:28:45 AM - Software Distribution Service 3.0
RP675: 10/20/2010 8:35:06 AM - Software Distribution Service 3.0
RP676: 10/21/2010 2:13:13 AM - Software Distribution Service 3.0
RP677: 10/22/2010 2:09:55 AM - Software Distribution Service 3.0
RP678: 10/22/2010 10:56:40 AM - Software Distribution Service 3.0
RP679: 10/23/2010 2:10:22 AM - Software Distribution Service 3.0
RP680: 10/23/2010 10:57:52 AM - Software Distribution Service 3.0
RP681: 10/24/2010 2:09:34 AM - Software Distribution Service 3.0
RP682: 10/24/2010 10:58:26 AM - Software Distribution Service 3.0
RP683: 10/25/2010 2:26:34 AM - Software Distribution Service 3.0
RP684: 10/25/2010 4:45:11 PM - Software Distribution Service 3.0
RP685: 10/26/2010 5:39:52 PM - System Checkpoint
RP686: 10/27/2010 2:00:13 AM - Software Distribution Service 3.0
RP687: 10/27/2010 2:52:56 PM - Software Distribution Service 3.0
RP688: 10/28/2010 1:53:28 AM - Software Distribution Service 3.0
RP689: 10/29/2010 2:09:12 AM - System Checkpoint
RP690: 10/29/2010 2:10:35 AM - Software Distribution Service 3.0
RP691: 10/29/2010 3:13:32 PM - Software Distribution Service 3.0
RP692: 10/30/2010 2:11:24 AM - Software Distribution Service 3.0
RP693: 10/30/2010 3:12:52 PM - Software Distribution Service 3.0
RP694: 10/31/2010 3:37:16 PM - System Checkpoint
RP695: 11/1/2010 2:09:35 AM - Software Distribution Service 3.0
RP696: 11/1/2010 7:16:42 AM - Software Distribution Service 3.0
RP697: 11/2/2010 11:39:30 AM - System Checkpoint
RP698: 11/2/2010 11:42:12 AM - Software Distribution Service 3.0
RP699: 11/3/2010 11:49:59 AM - System Checkpoint
RP700: 11/3/2010 2:43:57 PM - Software Distribution Service 3.0
RP701: 11/4/2010 9:02:08 AM - Removed Ask Toolbar.
RP702: 11/4/2010 9:03:13 AM - Removed Bonjour
RP703: 11/4/2010 4:56:47 PM - Software Distribution Service 3.0
RP704: 11/4/2010 7:38:46 PM - Configured Microsoft Office Enterprise 2007
RP705: 11/5/2010 5:37:24 PM - Software Distribution Service 3.0
RP706: 11/6/2010 6:36:35 PM - System Checkpoint
RP707: 11/7/2010 6:37:28 AM - Software Distribution Service 3.0
RP708: 11/8/2010 6:42:21 AM - System Checkpoint
RP709: 11/8/2010 5:54:51 PM - Software Distribution Service 3.0
RP710: 11/9/2010 5:57:57 PM - Software Distribution Service 3.0
RP711: 11/10/2010 6:35:01 PM - Software Distribution Service 3.0
RP712: 11/11/2010 6:11:45 AM - Software Distribution Service 3.0
RP713: 11/12/2010 7:14:28 AM - Software Distribution Service 3.0
RP714: 11/13/2010 10:55:40 AM - System Checkpoint
RP715: 11/13/2010 6:29:41 PM - Software Distribution Service 3.0
RP716: 11/14/2010 6:56:40 PM - System Checkpoint
RP717: 11/15/2010 7:19:19 AM - Software Distribution Service 3.0
RP718: 11/15/2010 5:53:56 PM - Software Distribution Service 3.0
RP719: 11/16/2010 8:22:54 PM - Software Distribution Service 3.0
RP720: 11/17/2010 8:24:15 PM - System Checkpoint
RP721: 11/18/2010 5:52:21 AM - Software Distribution Service 3.0
RP722: 11/18/2010 3:48:06 PM - Configured Microsoft Office Enterprise 2007
RP723: 11/18/2010 3:48:29 PM - Configured Microsoft Office Enterprise 2007
RP724: 11/19/2010 12:22:10 PM - Software Distribution Service 3.0
RP725: 11/20/2010 2:35:43 PM - System Checkpoint
RP726: 11/21/2010 6:51:54 AM - Software Distribution Service 3.0
RP727: 11/22/2010 7:06:00 AM - System Checkpoint
RP728: 11/22/2010 11:25:53 AM - Software Distribution Service 3.0
RP729: 11/23/2010 11:34:12 AM - Software Distribution Service 3.0
RP730: 11/24/2010 2:27:11 AM - Software Distribution Service 3.0
RP731: 11/24/2010 10:55:27 AM - Removed AVG Free 8.5
RP732: 11/24/2010 10:58:17 AM - Installed AVG Free 8.5
RP733: 11/24/2010 11:16:19 AM - Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
RP734: 11/24/2010 11:16:30 AM - Installed AVG 2011
RP735: 11/24/2010 11:21:23 AM - Installed AVG 2011
RP736: 11/25/2010 12:36:42 PM - System Checkpoint
RP737: 11/26/2010 1:03:27 PM - System Checkpoint
RP738: 11/27/2010 6:59:03 PM - System Checkpoint
RP739: 11/28/2010 7:18:01 PM - System Checkpoint
RP740: 11/30/2010 6:35:28 AM - System Checkpoint
RP741: 12/1/2010 9:01:13 AM - System Checkpoint
RP742: 12/2/2010 4:14:31 PM - System Checkpoint
RP743: 12/4/2010 11:02:21 AM - System Checkpoint
RP744: 12/5/2010 12:00:32 PM - System Checkpoint
RP745: 12/6/2010 6:44:58 PM - System Checkpoint
RP746: 12/8/2010 8:56:27 AM - System Checkpoint
RP747: 12/9/2010 6:52:33 AM - Installed Opera 10.63.
RP748: 12/10/2010 6:52:58 AM - System Checkpoint
RP749: 12/11/2010 8:27:14 AM - System Checkpoint
RP750: 12/12/2010 9:22:58 AM - System Checkpoint
RP751: 12/13/2010 7:18:54 PM - System Checkpoint
RP752: 12/14/2010 8:35:14 PM - System Checkpoint
RP753: 12/15/2010 3:00:37 AM - Software Distribution Service 3.0
RP754: 12/16/2010 6:38:07 AM - System Checkpoint
RP755: 12/17/2010 6:39:41 AM - Software Distribution Service 3.0
RP756: 12/17/2010 6:40:54 AM - Removed Opera 10.63.
RP757: 12/17/2010 6:41:39 AM - Installed Opera 11.00.
RP758: 12/18/2010 6:47:22 AM - Software Distribution Service 3.0
RP759: 12/20/2010 11:45:32 AM - System Checkpoint
RP760: 12/22/2010 4:10:04 PM - System Checkpoint

==== Installed Programs ======================

18 Wheels of Steel: Convoy 1.0
Acrobat.com
Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.1
Adobe Shockwave Player 11
Age of Empires III
AiO_Scan_CDA
AiOSoftwareNPI
Apple Application Support
Apple Mobile Device Support
Apple Software Update
AVG 2011
AVG PC Tuneup 2011
Barbie™ Explorer™
Battleship SURFACE THUNDER
BufferChm
ClamWin Free Antivirus 0.95.2
Combat Wings - Battle of Britain (1.0)
Combat Wings (1.0)
Conexant D850 56K V.9x DFVc Modem
Copernic Agent Basic
Crazy Taxi
Deer Hunter 5 v1.2
Delta Force Land Warrior
Destinations
DeviceManagementQFolder
DocProc
DocProcQFolder
e-Sword
EasyCleaner
eSupportQFolder
F300
F300_Help
Fax_CDA
GIMP 2.6.6
Google Earth
Google Update Helper
Helicopter Strike Force
Homestead SiteBuilder
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
HP Imaging Device Functions 7.0
HP Photosmart Essential
HP Photosmart, Officejet and Deskjet 7.0.A
HP Software Update
HP Solution Center 7.0
HPPhotoSmartExpress
HPProductAssistant
Image Resizer Powertoy for Windows XP
InCD
InstantShareDevicesMFC
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
iTunes
Java™ 6 Update 13
Java™ 6 Update 7
LEGO Digital Designer
LucasArts' The Phantom Menace
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Combat Flight Simulator 3.1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders (English) 12
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Web Publishing Wizard 1.52
Minnesota Cuke
Mixer
Monster Jam
Mozilla Firefox (3.6.13)
MS Access 97 SP2
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Myst for Windows 95
Nancy Drew: Last Train to Blue Moon Canyon
Nancy Drew: Secret of Shadow Ranch
Nancy Drew: Secret of the Old Clock
Nancy Drew: Secrets Can Kill
Nancy Drew: The Curse of Blackmoor Manor
Nancy Drew: The Haunting of Castle Malloy
Nancy Drew: Treasure in the Royal Tower
Need For Speed High Stakes
Need for Speed™ Carbon
Nero OEM
NewCopy_CDA
NVIDIA Drivers
OCR Software by I.R.I.S 7.0
OpenOffice.org 3.1
Opera 11.00
Pac-Man World 2
Pajama Sam Life is Rough When You Lose Your Stuff
Picasa 3
PowerDVD
PrintMaster Platinum 17
ProductContextNPI
QuickTime
Readme
Roll
Roller Rush
RollerCoaster Tycoon 2
Scan
ScannerCopy
Secret Agent™ Barbie™
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2289158)
Security Update for 2007 Microsoft Office System (KB2344875)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft Office Access 2007 (KB979440)
Security Update for Microsoft Office Excel 2007 (KB2345035)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB982158)
Security Update for Microsoft Office PowerPoint Viewer (KB2413381)
Security Update for Microsoft Office Publisher 2007 (KB2284697)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2416400)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
SigmaTel Audio
SimCity 3000 Unlimited
SimCoaster
SimSafari
SimTheme Park
SolutionCenter
Sound Blaster Audigy ADVANCED MB Demo
Space Invaders
Spybot - Search & Destroy
SpywareBlaster 4.4
Star Wars Battlefront
Star Wars Battlefront II
Star Wars JK II Jedi Outcast
Status
Street Legal Racing Redline
Stronghold 2 Deluxe
Stronghold Crusader
Test Drive Off-Road 3
The Hardy Boys - The Hidden Theft
THE SETTLERS - Rise of an Empire
Time to Ride
Toolbox
TrayApp
Tux Paint 0.9.20b
Tux Paint Stamps 2008.06.30
Unity Web Player (All users)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office Outlook 2007 (KB2412171)
Update for Outlook 2007 Junk Email Filter (KB2466076)
Update for Windows XP (KB2467659)
VeggieTalesJonah
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
VLC media player 1.1.4
WD Diagnostics
WebFldrs XP
WebReg
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
World War II - Pacific Heroes (1.0)
Xvid 1.2.2 final uninstall

==== Event Viewer Messages From Past Week ========

12/26/2010 8:05:14 AM, error: Service Control Manager [7022] - The Automatic Updates service hung on starting.
12/26/2010 2:37:51 PM, error: Dhcp [1002] - The IP address lease 192.168.1.101 for the Network Card with network address 001320DCECDF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
12/23/2010 7:01:58 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service winmgmt with arguments "" in order to run the server: {8BC3F05E-D86B-11D0-A075-00C04FB68820}
12/23/2010 5:57:02 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: prosync1
12/23/2010 5:56:38 PM, error: Service Control Manager [7000] - The PMEM service failed to start due to the following error: The system cannot find the file specified.
12/23/2010 5:53:39 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/22/2010 12:02:18 PM, error: Service Control Manager [7011] - Timeout (30000 milliseconds) waiting for a transaction response from the stisvc service.
12/21/2010 6:36:36 PM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

==== End Of File ===========================



DDS (Ver_10-12-12.02) - NTFSx86
Run by Colleen at 11:30:56.34 on Mon 12/27/2010
Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_13
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1270.422 [GMT -8:00]

AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

============== Running Processes ===============

C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Colleen\Desktop\dds.scr

============== Pseudo HJT Report ===============

uSearch Page = hxxp://www.google.com
uSearch Bar = res://c:\program files\copernic agent\CopernicAgentExt.dll/INTEGRATION_BAND_SEARCHBAR_HTML
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
uURLSearchHooks: N/A: {be89472c-b803-4d1d-9a9a-0a63660e0fe3} - c:\progra~1\copern~1\COPERN~1.DLL
mURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users